<?php
function apiGetClassstudentforclassid($db, $id) {
	$data = Array();
	$query = 'SELECT * FROM classstudent WHERE classid = :id;';
	try {
		$statement = $db -> prepare($query);
		$statement -> bindParam(':id', $id, PDO::PARAM_INT);
		$statement -> execute();
		while ($row = $statement -> fetch(PDO::FETCH_ASSOC)) {
			$data[$row['id']] = Array();
			$data[$row['id']]['id'] = $row['id'];
			$data[$row['id']]['classid'] = $row['classid'];
			$data[$row['id']]['classname'] = $row['classname'];
			$data[$row['id']]['userid'] = $row['userid'];
			$data[$row['id']]['username'] = $row['username'];
			$data[$row['id']]['name'] = $row['name'];
		} 

		$output['code'] = 200;
		$output['status'] = 'success';
		$output['message'] = $GLOBALS['messages'][60040];
		$output['data'] = $data;
	} catch (Exception $e) {
		$output['code'] = 500;
		$output['status'] = 'fail';
		$output['message'] = $GLOBALS['messages'][90003];
	}
	//$output = apiAddFolder($db, $p['username'], $p['username'], '/', 'admin');
	return $output;
}
function apiGetClassstudent($db, $id) {
	$data = Array();
	$query = 'SELECT * FROM classstudent WHERE id = :id;';
	try {
		$statement = $db -> prepare($query);
		$statement -> bindParam(':id', $id, PDO::PARAM_INT);
		$statement -> execute();
		$result = $statement -> fetch(PDO::FETCH_ASSOC);
		if (!empty($result)) {
			// Check should have a new single user
			foreach ($result as $key => $value) {
				$data[$key] = $value;
			}
			
		} else {
			// User not found
			$output['code'] = 404;
			$output['status'] = 'fail';
			$output['message'] = $GLOBALS['messages'][60039];
			return $output;
		}

		$output['code'] = 200;
		$output['status'] = 'success';
		$output['message'] = $GLOBALS['messages'][60040];
		$output['data'] = $data;
	} catch (Exception $e) {
		$output['code'] = 500;
		$output['status'] = 'fail';
		$output['message'] = $GLOBALS['messages'][90003];
	}
	//$output = apiAddFolder($db, $p['username'], $p['username'], '/', 'admin');
	return $output;
}

/**
 * Function to edit a UNetLab users.
 *
 * @param	PDO		$db					PDO object for database connection
 * @return  Array                       UNetLab users (JSend data)
 */
function apiGetclassstudents($db) {
	$data = Array();

	$query = 'SELECT * FROM classstudent ORDER BY id ASC;';
	try {
		$statement = $db -> prepare($query);
		$statement -> execute();
		while ($row = $statement -> fetch(PDO::FETCH_ASSOC)) {
			$data[$row['id']] = Array();
			$data[$row['id']]['id'] = $row['id'];
			$data[$row['id']]['classid'] = $row['classid'];
			$data[$row['id']]['classname'] = $row['classname'];
			$data[$row['id']]['userid'] = $row['userid'];
			$data[$row['id']]['username'] = $row['username'];
			$data[$row['id']]['name'] = $row['name'];
		}
			$output['code'] = 200;
			$output['status'] = 'success';
			$output['message'] = $GLOBALS['messages'][60040];
			$output['data'] = $data;
	} catch (Exception $e) {
		$output['code'] = 500;
		$output['status'] = 'fail';
		$output['message'] = $GLOBALS['messages'][90003];
	}
	return $output;
}

/**
 * Function to delete a UNetLab user.
 *
 * @param	PDO		$db					PDO object for database connection
 * @param	string	$user				UNetLab user
 * @return  Array                       Return code (JSend data)
 */
function apiDeleteclassstudent($db, $user) {
	if (empty($user)) {
		// User not found
		$output['code'] = 404;
		$output['status'] = 'fail';
		$output['message'] = $GLOBALS['messages'][60039];
		return $output;
	}

	try {
		
		$query = 'DELETE FROM classstudent WHERE id = :id;';
		$statement = $db -> prepare($query);
		$statement -> bindParam(':id', $user, PDO::PARAM_INT);
		$statement -> execute();
		//$result = $statement -> fetch();


		$output['code'] = 201;
		$output['status'] = 'success';
		$output['message'] = $GLOBALS['messages'][60042];
	} catch (Exception $e) {
		$output['code'] = 500;
		$output['status'] = 'fail';
		$output['message'] = $GLOBALS['messages'][90003];
	}
	return $output;
}

/**
 * Function to edit UNetLab user.
 *
 * @param	PDO		$db					PDO object for database connection
 * @param	string	$user				UNetLab user
 * @param	Array	$p					Parameters
 * @return  Array                       Return code (JSend data)
 */
function apiEditclassstudent($db, $user, $p) {
	// TODO missing try/catch
	// TODO need to check all parameters
	if (empty($user)) {
		// User not found
		$output['code'] = 404;
		$output['status'] = 'fail';
		$output['message'] = $GLOBALS['messages'][60039];
		return $output;
	}
	if($p['oldusername'] == $p['username'])
	{
		$output['code'] = 200;
		$output['status'] = 'success';
		$output['message'] = $GLOBALS['messages'][60042];		
		return $output;
	}
    $query = 'SELECT COUNT(*) as rows FROM classstudent WHERE classid = :classid and username = :username and id <> :id;';
	$statement = $db -> prepare($query);
	$statement -> bindParam(':id', $user, PDO::PARAM_INT);
	$statement -> bindParam(':classid', $p['classid'], PDO::PARAM_INT);
	$statement -> bindParam(':username', $p['username'], PDO::PARAM_STR);
	$statement -> execute();
	$result = $statement -> fetch();
	
	if ($result['rows'] > 0) 
	{
		$output['code'] = 412;
		$output['status'] = 'fail';
		$output['message'] = $GLOBALS['messages'][60039];
		return $output;
	}
	
    $unname=htmlentities($p['name']);
	$query = 'UPDATE classstudent SET userid = :userid,username = :username,name= :name WHERE id = :id;';
	$statement = $db -> prepare($query);
	$statement -> bindParam(':userid', $p['userid'], PDO::PARAM_INT);
	$statement -> bindParam(':username', $p['username'], PDO::PARAM_STR);
	$statement -> bindParam(':name', $unname, PDO::PARAM_STR);
	$statement -> bindParam(':id', $user, PDO::PARAM_INT);
	$statement -> execute();
	$output['code'] = 200;
	$output['status'] = 'success';
	$output['message'] = $GLOBALS['messages'][60042];	
	return $output;
}

/**
 * Function to add a UNetLab user.
 *
 * @param	PDO		$db					PDO object for database connection
 * @param	Array	$p					Parameters
 * @return  Array                       Return code (JSend data)
 */
function apiAddclassstudent($db, $p) {
	// TODO need to check all parameters
	if (!isset($p['name']) ) {
		// Username not set
		$output['code'] = 400;
		$output['status'] = 'fail';
		$output['message'] = $GLOBALS['messages'][60043];
		return $output;
	}
    $classname=htmlentities($p['classname']);
	$uname=htmlentities($p['name']);
	$query = 'INSERT INTO classstudent (classid,classname,userid,username,name) VALUES (:classid,:classname,:userid,:username,:name);';
	try {
		$statement = $db -> prepare($query);
		$statement -> bindParam(':userid', $p['userid'], PDO::PARAM_INT);
		$statement -> bindParam(':classid', $p['classid'], PDO::PARAM_INT);
		$statement -> bindParam(':classname', $classname, PDO::PARAM_STR);
		$statement -> bindParam(':username', $p['username'], PDO::PARAM_STR);
		$statement -> bindParam(':name', $uname, PDO::PARAM_STR);
		$statement -> execute();
		$output['code'] = 201;
		$output['status'] = 'success';
		$output['message'] = $GLOBALS['messages'][60042];
		//mkdir(BASE_LAB.'/'.$p['username']);
	} catch (Exception $e) {
		$output['code'] = 500;
		$output['status'] = 'fail';
		$output['message'] = $GLOBALS['messages'][60045];
		return $output;
	}	
	return $output;
}
?>
